X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fcheck-params%2Fvideo-captions.ts;h=bfce5ca4767524c46fe891a8bc88a28a886768d2;hb=63fa260a81a8930c157b73c897fe8696a8cc90d4;hp=34c1a9673df4c7db3073cebbb23f085eaffe887d;hpb=bf54587a3e2ad9c2c186828f2a5682b91ee2cc00;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/tests/api/check-params/video-captions.ts b/server/tests/api/check-params/video-captions.ts
index 34c1a9673..bfce5ca47 100644
--- a/server/tests/api/check-params/video-captions.ts
+++ b/server/tests/api/check-params/video-captions.ts
@@ -1,8 +1,8 @@
 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
 
-import 'mocha'
+import { buildAbsoluteFixturePath } from '@shared/core-utils'
+import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@shared/models'
 import {
-  buildAbsoluteFixturePath,
   cleanupTests,
   createSingleServer,
   makeDeleteRequest,
@@ -11,7 +11,6 @@ import {
   PeerTubeServer,
   setAccessTokensToServers
 } from '@shared/server-commands'
-import { HttpStatusCode, VideoCreateResult } from '@shared/models'
 
 describe('Test video captions API validator', function () {
   const path = '/api/v1/videos/'
@@ -19,6 +18,7 @@ describe('Test video captions API validator', function () {
   let server: PeerTubeServer
   let userAccessToken: string
   let video: VideoCreateResult
+  let privateVideo: VideoCreateResult
 
   // ---------------------------------------------------------------
 
@@ -30,6 +30,7 @@ describe('Test video captions API validator', function () {
     await setAccessTokensToServers([ server ])
 
     video = await server.videos.upload()
+    privateVideo = await server.videos.upload({ attributes: { privacy: VideoPrivacy.PRIVATE } })
 
     {
       const user = {
@@ -204,8 +205,32 @@ describe('Test video captions API validator', function () {
       })
     })
 
+    it('Should fail with a private video without token', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path: path + privateVideo.shortUUID + '/captions',
+        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+      })
+    })
+
+    it('Should fail with another user token', async function () {
+      await makeGetRequest({
+        url: server.url,
+        token: userAccessToken,
+        path: path + privateVideo.shortUUID + '/captions',
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+
     it('Should success with the correct parameters', async function () {
       await makeGetRequest({ url: server.url, path: path + video.shortUUID + '/captions', expectedStatus: HttpStatusCode.OK_200 })
+
+      await makeGetRequest({
+        url: server.url,
+        path: path + privateVideo.shortUUID + '/captions',
+        token: server.accessToken,
+        expectedStatus: HttpStatusCode.OK_200
+      })
     })
   })